﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using System.Windows.Forms;

namespace QLKHACHHANG.DataAccess
{
    class DBUser
    {
        // Hàm kiểm tra người dùng có đúng không
        public static bool CheckUser(string user, string pass)
        {
            SqlConnection conn = null;
            SqlDataReader rdr = null;
            bool status = false;
            try
            {
                string connectionstring = SetConfig.getAppSetting("ConnectionString");
                conn = new SqlConnection(connectionstring);

                SqlCommand cmd = new SqlCommand("sp_KiemTraDangNhap", conn);
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue("@Tendangnhap", user);
                cmd.Parameters.AddWithValue("@Matkhau", !pass.Equals("")?Utilities.Utilities.StringToMD5(pass):pass);
                conn.Open();
                rdr = cmd.ExecuteReader();
                if (rdr.HasRows)
                    status = true;
            }
            catch (Exception ex)
            {
                MessageBox.Show("Vui lòng kiểm tra lại kết nối CSDL !\n\n" + "(Mã lỗi:" + ex.Message + ")");
            }
            finally
            {
                if (conn != null)
                {
                    conn.Close();
                }
                if (rdr != null)
                {
                    rdr.Close();
                }
            }
            return status;
        }
        public static bool ChangePass(string user, string oldpass, string newpass)
        {
            SqlConnection conn = null;
            SqlDataReader rdr = null;
            bool status = false;
            try
            {
                string connectionstring = SetConfig.getAppSetting("ConnectionString");
                conn = new SqlConnection(connectionstring);

                SqlCommand cmd = new SqlCommand("sp_DoiMatKhau", conn);
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue("@Tendangnhap", user);
                cmd.Parameters.AddWithValue("@Matkhaucu", !oldpass.Equals("") ? Utilities.Utilities.StringToMD5(oldpass) : oldpass);
                cmd.Parameters.AddWithValue("@Matkhaumoi", !newpass.Equals("") ? Utilities.Utilities.StringToMD5(newpass) : newpass);                
                conn.Open();
                rdr = cmd.ExecuteReader();
                status = true;
            }
            catch (Exception ex)
            {
                if (ex.Message.Contains("@@Lỗi"))
                {
                    MessageBox.Show(ex.Message, "Lỗi", MessageBoxButtons.OK, MessageBoxIcon.Error);
                }
                else
                {
                    MessageBox.Show("Vui lòng kiểm tra lại kết nối CSDL !\n\n" + "(Mã lỗi:" + ex.Message + ")", "Lỗi", MessageBoxButtons.OK, MessageBoxIcon.Error);
                }
            }
            finally
            {
                if (conn != null)
                {
                    conn.Close();
                }
                if (rdr != null)
                {
                    rdr.Close();
                }
            }
            return status;
        }
    }
}
